Either you use addresses of the form "user@computer.foo.com", which
causes problems when "computer" is down, makes your network known to
people outside, gives the same person a different address when
switching to another computer, ...

Or you set up a mail hub, "mailhost.foo.com", with rewriting rules,
so every user seems to post from the same address, even if they are on
different computers.

But in that case, how can users read their mail?

Using rsh with elm? :-)

It would overload our mail hub!
One method was forwarding, or UUCP, SMTP, etc., but it's too complicated.

Then came POP/IMAP, both with security problems at the beginning (now
fixed using ssh on new versions). A mail program sometimes has to be set
up locally (like qmail, smail or vmail if, for example, you use elm;
Mozilla avoids that!), but getting and sending e-mail is simpler.

You must choose a POP-aware mailer; many are now (like Pine,
Emacs, Mozilla, Netscape, Mutt, IE, Pegasus, Eudora, Claris...).

When a user may roam (read mail from different machines), having
e-mail popped onto the computer used yesterday can be a nuisance.

Some POP servers (e.g. qpopper, ipop3d) on high-use servers can
load the machine significantly. Consider controlling options (such as
not leaving mail on the server) and/or changing the POP server
(e.g. cucipop), as well as avoiding running it from inetd.

The password problem can be solved by creating an encrypted "channel"
and running POP over it, or by using the APOP or RPOP extensions. The
mail reader problem can be solved either by changing mail reader (don't
underestimate the effort required to re-educate users!) or by using a
POP "mail sucker" with a local mail program.

IMAP can be preferable to POP in various situations such as remote (and
especially roaming) access, while you restrict POP to a LAN where
snooping of passwords isn't so much of a concern. Mark Aitchison
reported that one solution is to use the hosts.deny and hosts.allow
files (please see the Net-3 HOWTO; this assumes you are starting pop
from inetd).

The policy of leaving mail on the server or not has implications for
server disk space and easier backup/security of the mail, as well as
allowing roaming, so the best solution depends on the type of
organization. Of course, this will not ensure your mail can't be read,
but nobody will be able to delete it; if all your mail is PGP
encrypted this is a better solution.

Here are some pop programs worth trying:

gwpop (a Good Way to POP) is well protected since it creates an encrypted
"channel" and puts mail directly in the "spool"; however, it depends on Perl.

popclient, simple to use:
For example, if your login is john and your password is
PrettySecret, you will run:

If you get the date, you should be OK. Please note ssh will not ask
for a password, therefore you must create a ".shosts" file on the mail
server, containing the client's name. To test ssh port redirection (which
gwpop uses), type: